fix: make TF-A use provided OpenSSL binary Currently Tf-A uses whatever openssl binary is on the system to sign images. However if OPENSSL_DIR is specified in the build flags this can lead to linking issues as the system binary can end up being linked against shared libraries provided in OPENSSL_DIR/lib if both binaries (the system's and the on in OPENSSL_DIR/bin) are the same version. This patch ensures that the binary used is always the one given by OPENSSL_DIR to avoid those link issues. Signed-off-by: Salome Thirot <salome.thirot@arm.com> Change-Id: Ib534e06ebc8482e4391e376d3791a87968de4a99

commit: 0b35da32c94e45e7207bf05b6596ff709d6cc1c9 [log] [tgz]
author: Salome Thirot <salome.thirot@arm.com> Thu Jul 14 16:14:15 2022 +0100
committer: Salome Thirot <salome.thirot@arm.com> Thu Aug 04 10:45:46 2022 +0100
tree: f02f78f766a06a6eb5310f5f21768fd885a1a7d3
parent: 7dbccba38454e7123fb96f0edfb30bf3e06c43a0 [diff] [blame]
diff --git a/plat/arm/board/common/board_common.mk b/plat/arm/board/common/board_common.mk
index b11811c..1d0eb13 100644
--- a/plat/arm/board/common/board_common.mk
+++ b/plat/arm/board/common/board_common.mk

@@ -53,8 +53,8 @@
 ifndef ROT_KEY
 	$(error Cannot generate hash: no ROT_KEY defined)
 endif
-	openssl ${CRYPTO_ALG} -in $< -pubout -outform DER | openssl dgst \
-		-sha256 -binary > $@
+	${OPENSSL_BIN_PATH}/openssl ${CRYPTO_ALG} -in $< -pubout -outform DER | \
+	${OPENSSL_BIN_PATH}/openssl dgst -sha256 -binary > $@
 
 # Certificate NV-Counters. Use values corresponding to tied off values in
 # ARM development platforms
commit	0b35da32c94e45e7207bf05b6596ff709d6cc1c9	[log] [tgz]
author	Salome Thirot <salome.thirot@arm.com>	Thu Jul 14 16:14:15 2022 +0100
committer	Salome Thirot <salome.thirot@arm.com>	Thu Aug 04 10:45:46 2022 +0100
tree	f02f78f766a06a6eb5310f5f21768fd885a1a7d3
parent	7dbccba38454e7123fb96f0edfb30bf3e06c43a0 [diff] [blame]